A number of Australian Government Websites have been hacked including the Victorian parliaments by a malware that forces a visiting system to mine cryptocurrency for the hacker. The activities conducted by the hackers is called Cryptojacking where the computer of the third party is used for mining process that too without his permission.

Last Sunday, a huge number of UK government websites were infected with a Malware through which the third party’s system was compromised. UK’s National Health Service, the Queensland Civil and Administrative Tribunal, the Queensland Community Legal Centre homepage, the Victorian parliament, and the UK’s own data protection watchdog were also part of infected websites that were attacked in the recent incident.

To prosecute their plan the Hackers used Browsealoud. It is a popular plug-in that transforms written text on a website to audio which is helpful for visually-impaired individuals. As per the sources the makers of Browsealoud claimed that hackers found an exposure in the browser and further used a script named Coinhive which allows a user to hijack a computer for mining purpose.

In an interview with the Guardian, a UK based security researcher, Scott Helme stated that the websites were not completely protected. Rather, Government could have taken more effective measures.

When you load software like this from a third party, that third party can change it and make it do whatever they want,” - Scott Helme

Helme was surprised on compromisation of Browsealoud. But talking about government websites he commented that such attacks can be easily executed on small platforms but websites such as the Victorian parliament is supposed to have a strong security mechanism. Somewhere the security system of all these websites lacked.

As per the government reports the exploitation process was active for four hours on Sunday. The infected platform, Browsealoud was taken offline after the recognition of attack and will stay offline till Tuesday. It has also been assured that it did not redirect any data. The systems were merely used for mining purpose.

Reportedly thousands of websites were hijacked and South Australia’s City of Unley council, Victoria’s City of Casey council, the office of the Queensland Public Guardian,and Western Australia’s City of Bayswater council which protects the rights of young children in care was also part of it.

A similar incident was reported by Guardian in December when around 1 billion visitors were trapped in mining process through visiting cryptojacked websites such as Openload and Streamango.

Applancer is an open platform for discussion on all things like Blockchain , Cryptocurrency and Ico news updates. As such, the opinions expressed in this article are the author's own and do not necessarily reflect the view of Applancer .